1

I implement Spring Security in a project. I want to put a custom object(domain object) in session at the time of login, so that I can check the user details from HttpServletRequest object in any controller.

Please help me, how to do it? My Spring security file is :

<http auto-config="true" use-expressions="true">
    <intercept-url pattern="/login/**" access="permitAll" />
    <intercept-url pattern="/forgotPassword/**" access="permitAll" />
    <intercept-url pattern="/css/**" access="permitAll" />
    <intercept-url pattern="/js/**" access="permitAll" />
    <intercept-url pattern="/images/**" access="permitAll" />
    <intercept-url pattern="/**" access="hasRole('ROLE_USER')" />
    <!-- access denied page -->
    <access-denied-handler error-page="/403" />
    <form-login 
        login-page="/login"
        default-target-url="/listSensorData"
        authentication-failure-url="/login?login_error=1"
        username-parameter="username"
        password-parameter="password"
        login-processing-url="/loginSSuser"
    ></form-login>
    <logout logout-success-url="/login" invalidate-session="true" logout-url="/logout" />
</http>

<authentication-manager alias="authenticationManager">
    <authentication-provider user-service-ref="SsmsUserDetService" >
    </authentication-provider>
</authentication-manager>
Piyush Jain
  • 13
  • 3
  • possible duplicate of [How do I get the Session Object in Spring?](http://stackoverflow.com/questions/1629211/how-do-i-get-the-session-object-in-spring) – shruti1810 Jun 04 '15 at 11:35
  • Basically what i need is after login, I want to get the user details from DAO then set it into the session attribute before redirecting to the dashboard page. – Piyush Jain Jun 04 '15 at 11:39
  • same thing are required bcz if logout done with session expire than after successful login it will be redirect last access page. so we want to into the session attribute before redirecting to the page. – HASNEN LAXMIDHAR Jan 12 '16 at 13:03

0 Answers0